package com.usthe.performance.springsecuritydemo;

import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.crypto.password.Md4PasswordEncoder;

/**
 * @author tomsun28
 * @date 2021/1/28 23:22
 */
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 密码使用BCryptPasswordEncoder()方法验证，
        // 因此存储的密码也需要BCryptPasswordEncoder().encode(明文密码)方法加密密码
        auth.userDetailsService(username -> User.withUsername("root")
                .password(new Md4PasswordEncoder().encode("23456"))
                .roles("role2").build()).passwordEncoder(new Md4PasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers(HttpMethod.GET, "/**/*.html").anonymous()
                .antMatchers(HttpMethod.GET, "/**/*.js").anonymous()
                .antMatchers(HttpMethod.GET, "/**/*.css").anonymous()
                .antMatchers(HttpMethod.GET, "/**/*.icon").anonymous()
                .antMatchers(HttpMethod.GET, "/api/v9/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v9/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v8/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v7/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v6/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v5/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v4/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v3/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source1").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source2").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v2/source19").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source3").anonymous()
                .antMatchers(HttpMethod.POST, "/api/v1/account/auth").anonymous()
                .antMatchers(HttpMethod.GET, "/api/v1/source1").hasRole("role2")
                .antMatchers(HttpMethod.DELETE, "/api/v1/source1").hasRole("role3")
                .antMatchers(HttpMethod.PUT, "/api/v1/source1").hasAnyRole("role1","role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source2").permitAll()
                .antMatchers(HttpMethod.GET, "/api/v1/source2/*/*").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source3").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source3/*").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source4").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source5").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source6").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source7").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source8").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source9").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source10").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source11").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source12").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source13").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source14").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source15").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source16").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source17").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source18").hasRole("role2")
                .antMatchers(HttpMethod.GET, "/api/v1/source19").hasRole("role2")
                .anyRequest().authenticated()
                .and()
                .httpBasic();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        super.configure(web);
    }
}
